1. Field of the Invention
The invention relates to a method and a device for improving the security of an integrated circuit. It applies especially to Integrated Circuit (IC) cards, which must be protected against all attempts at fraudulent use: for example, cards used in banking applications or cards controlling access to protected premises. For these applications the integrated circuit has at least one microprocessor and a non-volatile memory holding confidential information, which must be neither corrupted nor retrieved by fraudulent action.
2. Description of the Related Art
To this end, many security sensors have been designed to detect abnormal operating conditions and, when one is detected, to prohibit operation of the integrated circuit.
Among them are: a sensor for excessively low clock frequency (a very low frequency makes it easier to spy on internal operations); a sensor for excessively high or excessively low supply voltage (either may corrupt the contents of memory cells being read or written); a sensor for excessively high or excessively low temperature; and a depassivation or light sensor (removal of the passivation layer, or light reaching the die, indicates that the package has been opened).
Each security sensor delivers a binary signal whose state indicates either normal operation or an anomaly. These binary signals are used to secure the integrated circuit in one of two ways.
They may directly trigger a physical protection mechanism: for example, locking the clock, holding the circuit permanently in its initialization (reset) state, or similar measures.
They may also be used as part of a software protection system. A storage register is then associated with each sensor. The microprocessor samples the registers and decides whether or not to take each alarm into account and, if so, what action to take: re-initialization, locking, destruction of the confidential data, etc.
These registers are generally of the monostable type: the detection of an alarm flips them, and only a secured reinitialization procedure, managed by the microprocessor, can return them to their initial state.
The sensors could be managed by interrupts, the flipping of a sensor's register raising a microprocessor interrupt that is handled by a corresponding interrupt service routine. In practice, however, microprocessor interrupt lines are few in number and are reserved for other uses.
It is therefore preferred to poll the sensors sequentially under software control. This makes it possible to set degrees of security according to the application and to manage false alarms.
The sequential approach is more flexible because it avoids systematic locking: the state of the sensors is checked at chosen points during the execution of the program's instructions. It has been observed, however, that this sequential use of the sensor states can be subverted fraudulently.
Indeed, if an attacker is able to determine the sequence of instructions executed by the microprocessor, he or she can determine the precise moment in that sequence at which the state of one or more sensors is read. For a given operation (for example, power-up, waiting for an operator's command, a read, a programming operation, or verification of an identification code), the instructions are executed sequentially, so this moment is always the same.
The attacker then need only keep the operating conditions normal until the moment the sensor state is read, and alter them immediately afterwards. When the microprocessor reads the sensors, the conditions appear normal and it continues executing normally, although the operating conditions are in fact changed just afterwards and are no longer "normal".
Thus the sequential use of the sensor states, although more flexible than operation by interrupt, can allow the checking of the security sensors to be bypassed. Once the sensor or sensors have been read, subsequent changes are not seen by the microprocessor until it performs a new check. Reading the sensors continuously is not possible, since it would slow the programs excessively. Generally, a reading is done at initialization and at least once at an appropriate point in each subprogram, for example just before a strategic operation.
An object of the invention is to secure the process of checking the security sensors: if the moment or moments at which the sensors are read cannot be determined, it becomes far more difficult to impose abnormal conditions on the integrated circuit without the microprocessor detecting them.
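The following C simulation is added here as an illustration; it is not part of the patent and does not describe the invention's own mechanism. It models what the preceding paragraphs describe: one monostable alarm register per sensor that only a secured reinitialization clears, a subprogram that reads the registers once at a fixed step just before a strategic operation, and an attacker who keeps conditions normal until that read and degrades them immediately afterwards. It then shows the first-order effect of hiding the read moment, modelled here as a random number of wait states inserted before the read (an assumption of this example, not the invention's method): an attacker who glitches at the nominal moment is caught by every shifted read that falls after the glitch onset, while an attacker who waits until after the last possible read misses the strategic operation in most cases. All sensor names, step numbers and function names are this example's own.

```c
#include <stdbool.h>
#include <stdio.h>

/* Added illustration, not the patent's design. One monostable alarm register
 * per sensor: an anomaly sets the bit and it stays set until the secured
 * reinitialization clears it. Sensor names are this example's own. */
enum { SENS_FREQ, SENS_VOLT, SENS_TEMP, SENS_LIGHT, N_SENS };

typedef struct { bool alarm[N_SENS]; } sensor_bank_t;

/* Hardware side: latch any currently abnormal condition. This runs at every
 * step, whether or not the microprocessor looks at the registers. */
static void sensors_latch(sensor_bank_t *b, const bool abnormal[N_SENS]) {
    for (int i = 0; i < N_SENS; i++)
        if (abnormal[i]) b->alarm[i] = true;
}

static bool sensors_any_alarm(const sensor_bank_t *b) {
    for (int i = 0; i < N_SENS; i++)
        if (b->alarm[i]) return true;
    return false;
}

/* Only the secured reinitialization procedure resets the registers. */
static void sensors_secure_reinit(sensor_bank_t *b) {
    for (int i = 0; i < N_SENS; i++) b->alarm[i] = false;
}

/* Monostable behaviour: the alarm survives the return to normal conditions
 * and is cleared only by the secured reinitialization. Returns 1 on success. */
static int latch_demo(void) {
    sensor_bank_t b = {{false}};
    bool low_voltage[N_SENS] = {false}, normal[N_SENS] = {false};
    low_voltage[SENS_VOLT] = true;
    sensors_latch(&b, low_voltage);
    sensors_latch(&b, normal);              /* condition gone, alarm stays */
    if (!sensors_any_alarm(&b)) return 0;
    sensors_secure_reinit(&b);
    return sensors_any_alarm(&b) ? 0 : 1;
}

typedef enum { ATTACK_DETECTED, ATTACK_SUCCEEDED, ATTACK_MISSED } outcome_t;
typedef struct { int detected, succeeded, missed; } tally_t;

#define STEPS 16   /* length of the simulated subprogram (example value) */

/* One subprogram of STEPS sequential instructions. The microprocessor reads
 * the alarm registers once, at step read_at, and aborts if any is set; the
 * strategic operation executes at step strategic_at. The attacker keeps the
 * conditions normal before step glitch_at and abnormal (low voltage) from
 * that step on. */
static outcome_t run_subprogram(int read_at, int strategic_at, int glitch_at) {
    sensor_bank_t bank = {{false}};
    for (int step = 0; step < STEPS; step++) {
        bool abnormal[N_SENS] = {false};
        abnormal[SENS_VOLT] = (step >= glitch_at);
        sensors_latch(&bank, abnormal);
        if (step == read_at && sensors_any_alarm(&bank))
            return ATTACK_DETECTED;   /* lock / reinit / erase: op never runs */
        if (step == strategic_at)
            return abnormal[SENS_VOLT] ? ATTACK_SUCCEEDED : ATTACK_MISSED;
    }
    return ATTACK_MISSED;
}

/* Assumed countermeasure (this example's, not the invention's): d wait states,
 * d in [0, max_jitter], are inserted before the read, shifting both the read
 * and the strategic operation that follows it. The attacker knows only the
 * nominal schedule. Every d is enumerated and the outcomes are tallied. */
static tally_t count_outcomes(int nominal_read, int max_jitter, int glitch_at) {
    tally_t t = {0, 0, 0};
    for (int d = 0; d <= max_jitter; d++) {
        switch (run_subprogram(nominal_read + d, nominal_read + d + 1, glitch_at)) {
        case ATTACK_DETECTED:  t.detected++;  break;
        case ATTACK_SUCCEEDED: t.succeeded++; break;
        case ATTACK_MISSED:    t.missed++;    break;
        }
    }
    return t;
}

int main(void) {
    printf("latch demo: %s\n", latch_demo() ? "ok" : "FAILED");
    /* Fixed schedule: read at step 3, strategic op at 4, glitch at 4. */
    printf("fixed schedule: outcome=%d (1 = attack succeeded undetected)\n",
           (int)run_subprogram(3, 4, 4));
    tally_t a = count_outcomes(3, 7, 4);
    printf("jittered, glitch at nominal moment: detected=%d succeeded=%d missed=%d\n",
           a.detected, a.succeeded, a.missed);
    tally_t b = count_outcomes(3, 7, 11);
    printf("jittered, glitch after last possible read: detected=%d succeeded=%d missed=%d\n",
           b.detected, b.succeeded, b.missed);
    return 0;
}
```

With the fixed schedule the attack succeeds every time: the single read at step 3 sees normal conditions and the strategic operation at step 4 runs under low voltage. With the read shifted by an unknown number of wait states, glitching at the nominal moment is detected in seven of eight cases, and glitching after the last possible read leaves the operation unaffected in seven of eight cases; in that second case the register is still latched, so the next routine reading (for example at the initialization of the following subprogram) will see the alarm. The example models only this first-order effect; an attacker who can pinpoint the strategic operation itself rather than the read is not addressed here, which is why the object stated above is to hide the read moments rather than to add further reads at fixed positions.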